
Re: Unchecked sprintf/strcat?



On Mon, May 22, 2006 at 07:04:13PM +0900, TAKAHASHI Tamotsu wrote:
> But it shouldn't abort on truncating, anyway.
> It should only output some debugging message.
> When that is not enough, we can still use explicit
> assertion with goto or return or mutt_exit.
> 
I think you are mixing up two cases:
1) intended possible truncation
2) buffer overflow

1) should obviously go silently, while 2) should at least spit out a
blatant "internal error" message one simply can't miss. That means:
- snprintf() and strlcpy()/strlcat() for truncation
- safe_sprintf() and safe_strcpy()/safe_strcat() for assert or message +
  truncation

-- 
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
--
Chaos, panic, and disorder - my work here is done.
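
The two cases from the message above, as an added C example that is not part of the original thread or of mutt's code: a silent truncating copy next to a checked append that reports an "internal error" and then truncates. The names `trunc_copy`, `checked_cat` and `internal_errors` are hypothetical; `snprintf()` stands in for `strlcpy()`, which not every libc provides.

```c
#include <stdio.h>
#include <string.h>

static int internal_errors = 0; /* hypothetical count of reported overflows */

/* Case 1: truncation is expected (e.g. fitting text into a fixed field).
 * Silent by design. Returns 1 if src was shortened, 0 if it fit. */
static int trunc_copy(char *dst, size_t dstlen, const char *src)
{
    int n;
    if (dstlen == 0) return 1;
    n = snprintf(dst, dstlen, "%s", src);
    return n < 0 || (size_t)n >= dstlen;
}

/* Case 2: the caller believes the result always fits, so not fitting is a
 * bug. Report it loudly, then truncate instead of writing past the buffer.
 * Returns 0 on success, -1 if an internal error was reported. */
static int checked_cat(char *dst, size_t dstlen, const char *src, const char *where)
{
    const char *end = memchr(dst, '\0', dstlen);
    size_t used, need = strlen(src);
    if (end == NULL) {                 /* dst is not terminated within dstlen */
        fprintf(stderr, "internal error: unterminated buffer in %s\n", where);
        internal_errors++;
        if (dstlen > 0) dst[dstlen - 1] = '\0';
        return -1;
    }
    used = (size_t)(end - dst);
    if (need >= dstlen - used) {       /* no room for src plus the NUL */
        fprintf(stderr, "internal error: overflow avoided in %s\n", where);
        internal_errors++;
        memcpy(dst + used, src, dstlen - used - 1);
        dst[dstlen - 1] = '\0';
        return -1;
    }
    memcpy(dst + used, src, need + 1); /* fits, including the terminator */
    return 0;
}

int main(void)
{
    char field[8], path[8] = "abc";
    trunc_copy(field, sizeof field, "hello, world");  /* silent truncation */
    checked_cat(path, sizeof path, "defghi", "main"); /* reported, truncated */
    printf("%s|%s|errors=%d\n", field, path, internal_errors);
}
```

Only the checked variant touches the error counter and stderr, so an unexpected overflow is visible while routine truncation stays quiet.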